Displaying 1 result from an estimated 1 matches for "forgeryprotect".
2008 Mar 16
0
bypassing verify_authenticity_token before_filter when in facebook
...a Facebook
project where I need bypass the new CSRF protection (built into Rails
2.0) under certain conditions. However, since my project works
outside of Facebook I don?t want to disable the CSRF protection from
requests made outside of Facebook.
Here is a small extension i wrote for the ForgeryProtection module.
ActionController::RequestForgeryProtection.module_eval do
alias :original_verify_authenticity_token :verify_authenticity_token
def verify_authenticity_token(*args)
if controller.params.include?(''fb_sig'') && controller.action ==
''sekret_me...